Most secure way to render HTML string as HTML in MessageBox

[abhijeet181088]

Hi All,

We have an html markup as string which we receive from an API call, for eg:
<div>Please choose <ul><li>option1</li><li>option2</li></ul></div>

We need to render this inside the content of the UI5 MessageBox.

Current solution we have tried is to sanitize it using dompurify.sanitize and then set it using dangerouslySetInnerHTML inside a div:
<div dangerouslySetInnerHTML={{ __html: purifiedContent }}></div>

Is it a secure solution? Or is there a better solution/component which we can use to achieve this requirement.

Any help will be really appreciated.

[abhijeet181088]

We are going ahead with the solution mentioned. Hence closing this query. Thanks!